Merge pull request #79310 from draveness/feature/cleanup-KubeletPluginsWatcher-feature-gates

feat: cleanup feature gates for KubeletPluginsWatcher
This commit is contained in:
Kubernetes Prow Robot 2019-06-23 23:04:09 -07:00 committed by GitHub
commit 2109c1a7a3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 24 additions and 57 deletions

View File

@ -303,13 +303,6 @@ const (
// Only applicable if the VolumeSubpath feature is also enabled // Only applicable if the VolumeSubpath feature is also enabled
VolumeSubpathEnvExpansion featuregate.Feature = "VolumeSubpathEnvExpansion" VolumeSubpathEnvExpansion featuregate.Feature = "VolumeSubpathEnvExpansion"
// owner: @vikaschoudhary16
// GA: v1.13
//
//
// Enable probe based plugin watcher utility for discovering Kubelet plugins
KubeletPluginsWatcher featuregate.Feature = "KubeletPluginsWatcher"
// owner: @vikaschoudhary16 // owner: @vikaschoudhary16
// beta: v1.12 // beta: v1.12
// //
@ -520,7 +513,6 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS
VolumeSubpath: {Default: true, PreRelease: featuregate.GA}, VolumeSubpath: {Default: true, PreRelease: featuregate.GA},
BalanceAttachedNodeVolumes: {Default: false, PreRelease: featuregate.Alpha}, BalanceAttachedNodeVolumes: {Default: false, PreRelease: featuregate.Alpha},
VolumeSubpathEnvExpansion: {Default: true, PreRelease: featuregate.Beta}, VolumeSubpathEnvExpansion: {Default: true, PreRelease: featuregate.Beta},
KubeletPluginsWatcher: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.16
ResourceQuotaScopeSelectors: {Default: true, PreRelease: featuregate.Beta}, ResourceQuotaScopeSelectors: {Default: true, PreRelease: featuregate.Beta},
CSIBlockVolume: {Default: true, PreRelease: featuregate.Beta}, CSIBlockVolume: {Default: true, PreRelease: featuregate.Beta},
CSIInlineVolume: {Default: false, PreRelease: featuregate.Alpha}, CSIInlineVolume: {Default: false, PreRelease: featuregate.Alpha},

View File

@ -537,7 +537,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
experimentalHostUserNamespaceDefaulting: utilfeature.DefaultFeatureGate.Enabled(features.ExperimentalHostUserNamespaceDefaultingGate), experimentalHostUserNamespaceDefaulting: utilfeature.DefaultFeatureGate.Enabled(features.ExperimentalHostUserNamespaceDefaultingGate),
keepTerminatedPodVolumes: keepTerminatedPodVolumes, keepTerminatedPodVolumes: keepTerminatedPodVolumes,
nodeStatusMaxImages: nodeStatusMaxImages, nodeStatusMaxImages: nodeStatusMaxImages,
enablePluginsWatcher: utilfeature.DefaultFeatureGate.Enabled(features.KubeletPluginsWatcher),
} }
if klet.cloud != nil { if klet.cloud != nil {
@ -785,13 +784,11 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
if err != nil { if err != nil {
return nil, err return nil, err
} }
if klet.enablePluginsWatcher { klet.pluginManager = pluginmanager.NewPluginManager(
klet.pluginManager = pluginmanager.NewPluginManager( klet.getPluginsRegistrationDir(), /* sockDir */
klet.getPluginsRegistrationDir(), /* sockDir */ klet.getPluginsDir(), /* deprecatedSockDir */
klet.getPluginsDir(), /* deprecatedSockDir */ kubeDeps.Recorder,
kubeDeps.Recorder, )
)
}
// If the experimentalMounterPathFlag is set, we do not want to // If the experimentalMounterPathFlag is set, we do not want to
// check node capabilities since the mount path is not the default // check node capabilities since the mount path is not the default
@ -1210,9 +1207,6 @@ type Kubelet struct {
// This flag sets a maximum number of images to report in the node status. // This flag sets a maximum number of images to report in the node status.
nodeStatusMaxImages int32 nodeStatusMaxImages int32
// This flag indicates that kubelet should start plugin watcher utility server for discovering Kubelet plugins
enablePluginsWatcher bool
// Handles RuntimeClass objects for the Kubelet. // Handles RuntimeClass objects for the Kubelet.
runtimeClassManager *runtimeclass.Manager runtimeClassManager *runtimeclass.Manager
} }
@ -1375,15 +1369,13 @@ func (kl *Kubelet) initializeRuntimeDependentModules() {
// container log manager must start after container runtime is up to retrieve information from container runtime // container log manager must start after container runtime is up to retrieve information from container runtime
// and inform container to reopen log file after log rotation. // and inform container to reopen log file after log rotation.
kl.containerLogManager.Start() kl.containerLogManager.Start()
if kl.enablePluginsWatcher { // Adding Registration Callback function for CSI Driver
// Adding Registration Callback function for CSI Driver kl.pluginManager.AddHandler(pluginwatcherapi.CSIPlugin, plugincache.PluginHandler(csi.PluginHandler))
kl.pluginManager.AddHandler(pluginwatcherapi.CSIPlugin, plugincache.PluginHandler(csi.PluginHandler)) // Adding Registration Callback function for Device Manager
// Adding Registration Callback function for Device Manager kl.pluginManager.AddHandler(pluginwatcherapi.DevicePlugin, kl.containerManager.GetPluginRegistrationHandler())
kl.pluginManager.AddHandler(pluginwatcherapi.DevicePlugin, kl.containerManager.GetPluginRegistrationHandler()) // Start the plugin manager
// Start the plugin manager klog.V(4).Infof("starting plugin manager")
klog.V(4).Infof("starting plugin manager") go kl.pluginManager.Run(kl.sourcesReady, wait.NeverStop)
go kl.pluginManager.Run(kl.sourcesReady, wait.NeverStop)
}
} }
// Run starts the kubelet reacting to config updates // Run starts the kubelet reacting to config updates

View File

@ -32,9 +32,7 @@ import (
"k8s.io/apimachinery/pkg/api/resource" "k8s.io/apimachinery/pkg/api/resource"
utilversion "k8s.io/apimachinery/pkg/util/version" utilversion "k8s.io/apimachinery/pkg/util/version"
"k8s.io/apimachinery/pkg/util/wait" "k8s.io/apimachinery/pkg/util/wait"
utilfeature "k8s.io/apiserver/pkg/util/feature"
"k8s.io/klog" "k8s.io/klog"
"k8s.io/kubernetes/pkg/features"
"k8s.io/kubernetes/pkg/volume" "k8s.io/kubernetes/pkg/volume"
csipbv0 "k8s.io/kubernetes/pkg/volume/csi/csiv0" csipbv0 "k8s.io/kubernetes/pkg/volume/csi/csiv0"
) )
@ -158,16 +156,14 @@ func newCsiDriverClient(driverName csiDriverName) (*csiDriverClient, error) {
addr := fmt.Sprintf(csiAddrTemplate, driverName) addr := fmt.Sprintf(csiAddrTemplate, driverName)
requiresV0Client := true requiresV0Client := true
if utilfeature.DefaultFeatureGate.Enabled(features.KubeletPluginsWatcher) { existingDriver, driverExists := csiDrivers.Get(string(driverName))
existingDriver, driverExists := csiDrivers.Get(string(driverName)) if !driverExists {
if !driverExists { return nil, fmt.Errorf("driver name %s not found in the list of registered CSI drivers", driverName)
return nil, fmt.Errorf("driver name %s not found in the list of registered CSI drivers", driverName)
}
addr = existingDriver.endpoint
requiresV0Client = versionRequiresV0Client(existingDriver.highestSupportedVersion)
} }
addr = existingDriver.endpoint
requiresV0Client = versionRequiresV0Client(existingDriver.highestSupportedVersion)
nodeV1ClientCreator := newV1NodeClient nodeV1ClientCreator := newV1NodeClient
nodeV0ClientCreator := newV0NodeClient nodeV0ClientCreator := newV0NodeClient
if requiresV0Client { if requiresV0Client {

View File

@ -155,10 +155,10 @@ func (p *Plugin) Admit(a admission.Attributes, o admission.ObjectInterfaces) err
return admission.NewForbidden(a, fmt.Errorf("disabled by feature gate %s", features.NodeLease)) return admission.NewForbidden(a, fmt.Errorf("disabled by feature gate %s", features.NodeLease))
case csiNodeResource: case csiNodeResource:
if p.features.Enabled(features.KubeletPluginsWatcher) && p.features.Enabled(features.CSINodeInfo) { if p.features.Enabled(features.CSINodeInfo) {
return p.admitCSINode(nodeName, a) return p.admitCSINode(nodeName, a)
} }
return admission.NewForbidden(a, fmt.Errorf("disabled by feature gates %s and %s", features.KubeletPluginsWatcher, features.CSINodeInfo)) return admission.NewForbidden(a, fmt.Errorf("disabled by feature gates %s", features.CSINodeInfo))
default: default:
return nil return nil

View File

@ -66,15 +66,9 @@ func init() {
if err := leaseDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.NodeLease: {Default: false}}); err != nil { if err := leaseDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.NodeLease: {Default: false}}); err != nil {
panic(err) panic(err)
} }
if err := csiNodeInfoEnabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.KubeletPluginsWatcher: {Default: true}}); err != nil {
panic(err)
}
if err := csiNodeInfoEnabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: true}}); err != nil { if err := csiNodeInfoEnabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: true}}); err != nil {
panic(err) panic(err)
} }
if err := csiNodeInfoDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.KubeletPluginsWatcher: {Default: false}}); err != nil {
panic(err)
}
if err := csiNodeInfoDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: false}}); err != nil { if err := csiNodeInfoDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: false}}); err != nil {
panic(err) panic(err)
} }
@ -1170,7 +1164,7 @@ func Test_nodePlugin_Admit(t *testing.T) {
name: "disallowed create CSINode - feature disabled", name: "disallowed create CSINode - feature disabled",
attributes: admission.NewAttributesRecord(nodeInfo, nil, csiNodeKind, nodeInfo.Namespace, nodeInfo.Name, csiNodeResource, "", admission.Create, &metav1.CreateOptions{}, false, mynode), attributes: admission.NewAttributesRecord(nodeInfo, nil, csiNodeKind, nodeInfo.Namespace, nodeInfo.Name, csiNodeResource, "", admission.Create, &metav1.CreateOptions{}, false, mynode),
features: csiNodeInfoDisabledFeature, features: csiNodeInfoDisabledFeature,
err: fmt.Sprintf("forbidden: disabled by feature gates %s and %s", features.KubeletPluginsWatcher, features.CSINodeInfo), err: fmt.Sprintf("forbidden: disabled by feature gates %s", features.CSINodeInfo),
}, },
{ {
name: "disallowed create another node's CSINode - feature enabled", name: "disallowed create another node's CSINode - feature enabled",

View File

@ -123,10 +123,10 @@ func (r *NodeAuthorizer) Authorize(attrs authorizer.Attributes) (authorizer.Deci
} }
return authorizer.DecisionNoOpinion, fmt.Sprintf("disabled by feature gate %s", features.NodeLease), nil return authorizer.DecisionNoOpinion, fmt.Sprintf("disabled by feature gate %s", features.NodeLease), nil
case csiNodeResource: case csiNodeResource:
if r.features.Enabled(features.KubeletPluginsWatcher) && r.features.Enabled(features.CSINodeInfo) { if r.features.Enabled(features.CSINodeInfo) {
return r.authorizeCSINode(nodeName, attrs) return r.authorizeCSINode(nodeName, attrs)
} }
return authorizer.DecisionNoOpinion, fmt.Sprintf("disabled by feature gates %s and %s", features.KubeletPluginsWatcher, features.CSINodeInfo), nil return authorizer.DecisionNoOpinion, fmt.Sprintf("disabled by feature gates %s", features.CSINodeInfo), nil
} }
} }

View File

@ -69,15 +69,9 @@ func init() {
if err := leaseDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.NodeLease: {Default: false}}); err != nil { if err := leaseDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.NodeLease: {Default: false}}); err != nil {
panic(err) panic(err)
} }
if err := csiNodeInfoEnabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.KubeletPluginsWatcher: {Default: true}}); err != nil {
panic(err)
}
if err := csiNodeInfoEnabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: true}}); err != nil { if err := csiNodeInfoEnabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: true}}); err != nil {
panic(err) panic(err)
} }
if err := csiNodeInfoDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.KubeletPluginsWatcher: {Default: false}}); err != nil {
panic(err)
}
if err := csiNodeInfoDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: false}}); err != nil { if err := csiNodeInfoDisabledFeature.Add(map[featuregate.Feature]featuregate.FeatureSpec{features.CSINodeInfo: {Default: false}}); err != nil {
panic(err) panic(err)
} }

View File

@ -164,8 +164,7 @@ func NodeRules() []rbacv1.PolicyRule {
nodePolicyRules = append(nodePolicyRules, csiDriverRule) nodePolicyRules = append(nodePolicyRules, csiDriverRule)
} }
} }
if utilfeature.DefaultFeatureGate.Enabled(features.KubeletPluginsWatcher) && if utilfeature.DefaultFeatureGate.Enabled(features.CSINodeInfo) {
utilfeature.DefaultFeatureGate.Enabled(features.CSINodeInfo) {
csiNodeInfoRule := rbacv1helpers.NewRule("get", "create", "update", "patch", "delete").Groups("storage.k8s.io").Resources("csinodes").RuleOrDie() csiNodeInfoRule := rbacv1helpers.NewRule("get", "create", "update", "patch", "delete").Groups("storage.k8s.io").Resources("csinodes").RuleOrDie()
nodePolicyRules = append(nodePolicyRules, csiNodeInfoRule) nodePolicyRules = append(nodePolicyRules, csiNodeInfoRule)
} }